Overview

Course Description

Get hands-on instruction and practice administering Active Directory technologies in Windows Server 2012 and Windows Server 2012 R2 in this 5-day Microsoft Official Course. You will learn the skills you need to better manage and protect data access and information, simplify deployment and management of your identity infrastructure, and provide more secure access to data from virtually anywhere. You will learn how to configure some of the key features in Active Directory such as Active Directory Domain Services, Group Policy, Dynamic Access Control, Work Folders, Workplace Join, Certificate Services, Rights Management Services and Federation Services, as well as integrating your on premise environment with cloud based technologies such as Windows Azure Active Directory. As part of the learning experience, you will perform hands-on exercises in a virtual lab environment. NOTE: This course is based on Windows Server 2012 and Windows Server 2012 R2. This course is designed for experienced IT professionals who support medium to large enterprises and have fundamental knowledge and experience administering Active Directory.

Audience Profile

Target Audience

This course is intended for Information Technology (IT) professionals who have Active Directory Domain Services (AD DS) experience and are looking for a single course that will further develop knowledge and skills using Access and Information Protection technologies in Windows Server 2012 and Windows Server 2012 R2. This would typically include:

AD DS administrators who are looking to further develop skills in the latest Access and Information Protection technologies with Windows Server 2012 and Windows Server 2012 R2.

System or Infrastructure administrators with general AD DS experience and knowledge who are looking to build upon that core knowledge and cross-train into advanced Active Directory technologies in Windows Server 2012 and Windows Server 2012 R2

IT Professionals who have taken the 10967A: Fundamentals of a Windows Server Infrastructure course and are looking to build upon that Active Directory knowledge.

Prerequisites

Prerequisites

Before attending this course, students must have:

Experience working with AD DS.

Experience working in a Windows Server infrastructure enterprise environment.

Experience working with and troubleshooting core networking infrastructure technologies such as name resolution, IP Addressing, Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP).

Experience with Hyper-V and Server Virtualization concepts.

An awareness and understanding of general security best practices.

Experience working hands on with Windows Client operating systems such as Windows Vista, Windows 7 or Windows 8.

At Course Completion

At Course Completion

After completing this course, students will be able to:

Understand available solutions for identity management and be able to address scenarios with appropriate solutions.

Deploy and administer AD DS in Windows Server 2012.

Secure AD DS deployment.

Implement AD DS sites, configure and manage replication

Implement and manage Group Policy

Manage user settings with Group Policy

Implement certification authority (CA) hierarchy with AD CS and how to manage CAs.

Implement, deploy and manage certificates.

Implement and manage AD RMS.

Implement and administer AD FS.

Secure and provision data access using technologies such as Dynamic Access Control, Work Folders and Workplace Join

Monitor, troubleshoot and establish business continuity for AD DS services.

Course Outline

This module explains Access and Information Protection (AIP) solutions from the business perspective and maps business problems to technical solutions.

Introduction to Access and Information Protection Solutions in Business

Overview of AIP Solutions in Windows Server 2012

Overview of Forefront Identity Manager 2010 R2

Module 2: Advanced Deployment and Administration of AD DS

This module explains how to deploy AD DS remotely and describes the virtualization safeguards, cloning abilities and extending AD DS to the cloud.

Deploying AD DS

Deploying and Cloning Virtual Domain Controllers

Deploying Domain Controllers in Windows Azure

Administering AD DS

Module 3: Securing Active Directory Domain Services

This module describes the threats to domain controllers and what methods can be used to secure the AD DS and its domain controllers.

Securing Domain Controllers

Implementing Password and Lockout Policies

Audit Authentication

Module 4: Monitoring, Managing, and Recovering AD DS

This module explains how to use tools that help monitor performance in real time, and how to record performance over time to spot potential problems by observing performance trends. This module also explains how to optimize and protect your directory service and related identity and access solutions so that if a service does fail, you can restart it as quickly as possible.

Monitoring AD DS

Managing the AD DS Database

AD DS Backup and Recovery Options for AD°DS and Other Identity and Access Solutions

Module 5: Implementing and Administering AD DS Sites and Replication

This module explains how AD DS replicates information between domain controllers within a single site and throughout multiple sites. This module also explains how to create multiple sites and how to monitor replication to help optimize AD DS replication and authentication traffic.

Overview of AD DS Replication

Configuring AD DS Sites

Configuring and Monitoring AD DS Replication

Module 6: Implementing Group Policy

This module describes Group Policy, how it works, and how best to implement it in your organization.

Introducing Group Policy

Implementing and Administering GPOs

Group Policy Scope and Group Policy Processing

Troubleshooting the Application of GPOs.

Module 7: Managing User Settings with Group Policy

This module describes how to how to use GPO Administrative Templates, Folder Redirection, and Group Policy features to configure users’ computer settings.

Implementing Administrative Templates

Configuring Folder Redirection and Scripts

Configuring Group Policy Preferences

Module 8: Implementing Secure Shared File Access

This module explains how to use Dynamic Access Control (DAC) and Work Folders and how to plan and implement these technologies.

This module explains how to deploy and manage certificates, configure certificate templates and manage enrollment process. Also, this module describes certificate usage in business environments and about deployment and management of smart cards.

This module introduces Active Directory Rights Management Services (AD RMS). It also describes how to deploy AD RMS, how to configure content protection, and how to make AD RMS–protected documents available to external users.

Overview of AD RMS

Deploying and Managing an AD RMS Infrastructure

Configuring AD RMS Content Protection

Configuring External Access to AD RMS

Module 12: Implementing and Administering AD FS

This module explains AD FS, and then provides details on how to configure AD FS in both a single organization scenario and in a partner organization scenario. This module also describes the Web Application Proxy feature in Windows Server 2012 R2 that functions as an AD FS proxy and reverse proxy for web-based applications.